Joyned is committed to safeguarding both your customers' information and your website’s security.
At Joyned we invest significant resources in security and user privacy. We do not collect any private user information and anonymize all user data by default. Our widget is isolated from your website’s code and we maintain the highest network security standards to eliminate any chance of breach from our end and quarantine any damage if a breach occurs.
We’ve designed both our product and our system in a manner so that we do not retain any PIIs (Personally Identifiable Information). Any other user data that we do retain is completely anonymized. We also do not integrate in your website any pages that might contain any such data.
Joyned runs on a secure cloud environment. We use the Checkpoint-Dome9 cloud security system for regular monitoring and vulnerability testing across the entire infrastructure. All system communications are handled within a Virtual Private Cloud (VPC). Our infrastructure is compartmentalized with private security groups that strictly limit access and have no direct access from the web. Our data storage itself is encrypted.
We routinely conduct “gray-hat” application security penetration testing, latest one conducted on April 2019 by App-Sec Labs, a well-known international firm. We use 128-bit Secure Sockets Layer (SSL) for all app-server communications.
Following industry best-practices we’re maintaining a vulnerability management program, regularly monitoring and testing networks and maintaining an information security policy.
We implement strong access control measures – limiting access to system components to only those individuals whose job requires such access and incorporating two-factor authentication (2FA) for all system access points.
As a data controller our service is fully GDPR compliant, and all of our data sub-processors are all GDPR compliant and/or with Privacy Shield certification.